On 8/4/2017 1:33 AM, RazvanN wrote:
That could have never happened if they would have used D with @safe
That's mostly true, but not absolutely true.
1. There can be bugs in D's @safe checking and inference.
2. Function interfaces (such as in C interface files) are labeled @safe or not,
and the D compiler has no way to check. Hence, functions can (and have been)
mislabeled.
On the other hand, @safe does greatly reduce the attack surface. And as I've
prognosticated before, the utter lack of machine checkable memory safety in C
will herald the end of its use in anything connected to the internet.
